Code:
/ Dotnetfx_Vista_SP2 / Dotnetfx_Vista_SP2 / 8.0.50727.4016 / DEVDIV / depot / DevDiv / releases / Orcas / QFE / wpf / src / Base / System / Security / RightsManagement / User.cs / 1 / User.cs
//------------------------------------------------------------------------------
//
//
// Copyright (C) Microsoft Corporation. All rights reserved.
//
//
// Description:
// This class implements the UnsignedPublishLicense class
// this class is the first step in the RightsManagement publishing process
//
// History:
// 06/01/2005: IgorBel : Initial Implementation
//
//-----------------------------------------------------------------------------
using System;
using System.Collections;
using System.Collections.Generic; // for IEqualityComparer generic interface.
using System.Diagnostics;
using System.Globalization;
using System.Text;
using System.Windows;
using MS.Internal; // for Invariant
using MS.Internal.Security.RightsManagement;
using SecurityHelper = MS.Internal.WindowsBase.SecurityHelper;
namespace System.Security.RightsManagement
{
///
/// This class represents a User for purposes of granting rights to that user, initializing secure environment for the user,
/// or enumerating rights granted to various users.
///
///
/// Critical: This class expose access to methods that eventually do one or more of the the following
/// 1. call into unmanaged code
/// 2. affects state/data that will eventually cross over unmanaged code boundary
/// 3. Return some RM related information which is considered private
///
/// TreatAsSafe: This attrbiute automatically applied to all public entry points. All the public entry points have
/// Demands for RightsManagementPermission at entry to counter the possible attacks that do
/// not lead to the unamanged code directly(which is protected by another Demand there) but rather leave
/// some status/data behind which eventually might cross the unamanaged boundary.
///
[SecurityCritical(SecurityCriticalScope.Everything)]
public class ContentUser
{
///
/// This constructor creates a user that will be granted a right. Or used in other related scenarios like
/// initializing secure environment for the user, or enumerating rights granted to various users.
///
public ContentUser(string name, AuthenticationType authenticationType)
{
SecurityHelper.DemandRightsManagementPermission();
if (name == null)
{
throw new ArgumentNullException("name");
}
if (name.Trim().Length == 0)
{
throw new ArgumentOutOfRangeException("name");
}
if ((authenticationType != AuthenticationType.Windows) &&
(authenticationType != AuthenticationType.Passport) &&
(authenticationType != AuthenticationType.WindowsPassport) &&
(authenticationType != AuthenticationType.Internal))
{
throw new ArgumentOutOfRangeException("authenticationType");
}
// We only support Anyone for the internal mode at the moment
if (authenticationType == AuthenticationType.Internal)
{
if (!CompareToAnyone(name) && !CompareToOwner(name))
{
// we only support Anyone as internal user
throw new ArgumentOutOfRangeException("name");
}
}
_name = name;
_authenticationType = authenticationType;
}
///
/// Currently only 2 Authentication types supported Windows and Passport
///
public AuthenticationType AuthenticationType
{
get
{
SecurityHelper.DemandRightsManagementPermission();
return _authenticationType;
}
}
///
/// Fully qualified SMTP address.
///
public string Name
{
get
{
SecurityHelper.DemandRightsManagementPermission();
return _name;
}
}
///
/// Return true if the current User currently authenticated, which means that initialization
/// process will likely not require a prompt.
/// We check if the machine and the user are activated.
/// We don't check the existence of a client licensor certificate since it is only
/// required for publishing only
///
public bool IsAuthenticated()
{
SecurityHelper.DemandRightsManagementPermission();
// we can only have activated Windows or Passport users
// undefined authentication type can only be used for building a UnsignedPublishLicense
if ((_authenticationType != AuthenticationType.Windows) &&
(_authenticationType != AuthenticationType.Passport))
{
return false;
}
// User specific client session to check it's status
using (ClientSession userClientSession = new ClientSession(this))
{
return (userClientSession.IsMachineActivated() &&
userClientSession.IsUserActivated());
}
}
///
/// Test for equality.
///
public override bool Equals(object obj)
{
SecurityHelper.DemandRightsManagementPermission();
if (obj == null)
return false; // Standard behavior.
if (GetType() != obj.GetType())
return false; // Different type.
ContentUser userObj = (ContentUser)obj;
return (String.CompareOrdinal(_name.ToUpperInvariant(), userObj._name.ToUpperInvariant()) == 0)
&&
_authenticationType.Equals(userObj._authenticationType);
}
///
/// Returns an instance of the User class that identifyes "Anyone" persona.
/// This user has authentication type "Internal" and Name "Anyone".
/// If this such user was granted rights dutring publishing; server will issue Use License
/// to anyone who requests one, but it will be attached to the requesting user.
///
public static ContentUser AnyoneUser
{
get
{
SecurityHelper.DemandRightsManagementPermission();
if (_anyoneUser == null)
{
_anyoneUser = new ContentUser(AnyoneUserName, AuthenticationType.Internal);
}
return _anyoneUser;
}
}
///
/// Returns an instance of the User class that identifies "Owner" persona.
/// This user has authentication type Internal and Name "Owner".
/// This is mostly used by the server side templates to give special rights to the
/// Publisher/author who would be building a protected document using those templates
///
public static ContentUser OwnerUser
{
get
{
SecurityHelper.DemandRightsManagementPermission();
if (_ownerUser == null)
{
_ownerUser = new ContentUser(OwnerUserName, AuthenticationType.Internal);
}
return _ownerUser;
}
}
///
/// Compute hash code.
///
public override int GetHashCode()
{
SecurityHelper.DemandRightsManagementPermission();
if (!hashCalcIsDone)
{
StringBuilder hashString = new StringBuilder(_name.ToUpperInvariant());
hashString.Append(_authenticationType.ToString());
hashValue = (hashString.ToString()).GetHashCode();
hashCalcIsDone = true;
}
return hashValue;
}
///
/// Converts AuthenticationType to AuthenticationProviderType string require for a client session
///
internal string AuthenticationProviderType
{
get
{
if (_authenticationType == AuthenticationType.Windows)
{
return WindowsAuthProvider;
}
else if (_authenticationType == AuthenticationType.Passport)
{
return PassportAuthProvider;
}
else
{
Invariant.Assert(false, "AuthenticationProviderType can only be queried for Windows or Passport authentication");
return null;
}
}
}
///
/// Generic test for equality. This method allows any types based on ContentUser
/// to be comparable.
///
///
/// TreatAsSafe: This method may be called indirectly from a Partial Trust environment.
/// It only performs a safe string comparison.
///
[SecurityTreatAsSafe]
internal bool GenericEquals(ContentUser userObj)
{
// this checks for null argument
if (userObj == null)
{
return false;
}
else
{
return (String.CompareOrdinal(_name.ToUpperInvariant(), userObj._name.ToUpperInvariant()) == 0)
&&
_authenticationType.Equals(userObj._authenticationType);
}
}
///
/// Implements the IEqualityComparer generic interface to be
/// used in a Dictionary with ContentUser as key type.
/// This interface allows any types based on ContentUser to be
/// comparable.
///
///
/// TreatAsSafe: The methods of this class may be called indirectly from
/// a Partial Trust environment.
/// Both methods only validate their parameters, then call other safe methods.
///
[SecurityTreatAsSafe]
internal sealed class ContentUserComparer : IEqualityComparer
{
bool IEqualityComparer.Equals(ContentUser user1, ContentUser user2)
{
Invariant.Assert(user1 != null, "user1 should not be null");
return user1.GenericEquals(user2);
}
int IEqualityComparer.GetHashCode(ContentUser user)
{
Invariant.Assert(user != null, "user should not be null");
return user.GetHashCode();
}
}
///
/// A comparer that can be passed to a Dictionary to allow
/// generic match for different types based on ContentUser.
///
///
/// TreatAsSafe: This field will be accessed by SecurityTransparent code. It's static, readonly.
/// It's safe to allow access from SecurityTransparent code.
///
[SecurityTreatAsSafe]
internal static readonly ContentUserComparer _contentUserComparer = new ContentUserComparer();
internal static bool CompareToAnyone(string name)
{
return (0 == String.CompareOrdinal(AnyoneUserName.ToUpperInvariant(), name.ToUpperInvariant()));
}
internal static bool CompareToOwner(string name)
{
return (0 == String.CompareOrdinal(OwnerUserName.ToUpperInvariant(), name.ToUpperInvariant()));
}
private const string WindowsAuthProvider = "WindowsAuthProvider";
private const string PassportAuthProvider = "PassportAuthProvider";
private const string OwnerUserName = "Owner";
private static ContentUser _ownerUser;
private const string AnyoneUserName = "Anyone";
private static ContentUser _anyoneUser;
private string _name;
private AuthenticationType _authenticationType;
private int hashValue;
private bool hashCalcIsDone; // flag that indicates the value in hasValue is already calculated and usable
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------------------------
//
//
// Copyright (C) Microsoft Corporation. All rights reserved.
//
//
// Description:
// This class implements the UnsignedPublishLicense class
// this class is the first step in the RightsManagement publishing process
//
// History:
// 06/01/2005: IgorBel : Initial Implementation
//
//-----------------------------------------------------------------------------
using System;
using System.Collections;
using System.Collections.Generic; // for IEqualityComparer generic interface.
using System.Diagnostics;
using System.Globalization;
using System.Text;
using System.Windows;
using MS.Internal; // for Invariant
using MS.Internal.Security.RightsManagement;
using SecurityHelper = MS.Internal.WindowsBase.SecurityHelper;
namespace System.Security.RightsManagement
{
///
/// This class represents a User for purposes of granting rights to that user, initializing secure environment for the user,
/// or enumerating rights granted to various users.
///
///
/// Critical: This class expose access to methods that eventually do one or more of the the following
/// 1. call into unmanaged code
/// 2. affects state/data that will eventually cross over unmanaged code boundary
/// 3. Return some RM related information which is considered private
///
/// TreatAsSafe: This attrbiute automatically applied to all public entry points. All the public entry points have
/// Demands for RightsManagementPermission at entry to counter the possible attacks that do
/// not lead to the unamanged code directly(which is protected by another Demand there) but rather leave
/// some status/data behind which eventually might cross the unamanaged boundary.
///
[SecurityCritical(SecurityCriticalScope.Everything)]
public class ContentUser
{
///
/// This constructor creates a user that will be granted a right. Or used in other related scenarios like
/// initializing secure environment for the user, or enumerating rights granted to various users.
///
public ContentUser(string name, AuthenticationType authenticationType)
{
SecurityHelper.DemandRightsManagementPermission();
if (name == null)
{
throw new ArgumentNullException("name");
}
if (name.Trim().Length == 0)
{
throw new ArgumentOutOfRangeException("name");
}
if ((authenticationType != AuthenticationType.Windows) &&
(authenticationType != AuthenticationType.Passport) &&
(authenticationType != AuthenticationType.WindowsPassport) &&
(authenticationType != AuthenticationType.Internal))
{
throw new ArgumentOutOfRangeException("authenticationType");
}
// We only support Anyone for the internal mode at the moment
if (authenticationType == AuthenticationType.Internal)
{
if (!CompareToAnyone(name) && !CompareToOwner(name))
{
// we only support Anyone as internal user
throw new ArgumentOutOfRangeException("name");
}
}
_name = name;
_authenticationType = authenticationType;
}
///
/// Currently only 2 Authentication types supported Windows and Passport
///
public AuthenticationType AuthenticationType
{
get
{
SecurityHelper.DemandRightsManagementPermission();
return _authenticationType;
}
}
///
/// Fully qualified SMTP address.
///
public string Name
{
get
{
SecurityHelper.DemandRightsManagementPermission();
return _name;
}
}
///
/// Return true if the current User currently authenticated, which means that initialization
/// process will likely not require a prompt.
/// We check if the machine and the user are activated.
/// We don't check the existence of a client licensor certificate since it is only
/// required for publishing only
///
public bool IsAuthenticated()
{
SecurityHelper.DemandRightsManagementPermission();
// we can only have activated Windows or Passport users
// undefined authentication type can only be used for building a UnsignedPublishLicense
if ((_authenticationType != AuthenticationType.Windows) &&
(_authenticationType != AuthenticationType.Passport))
{
return false;
}
// User specific client session to check it's status
using (ClientSession userClientSession = new ClientSession(this))
{
return (userClientSession.IsMachineActivated() &&
userClientSession.IsUserActivated());
}
}
///
/// Test for equality.
///
public override bool Equals(object obj)
{
SecurityHelper.DemandRightsManagementPermission();
if (obj == null)
return false; // Standard behavior.
if (GetType() != obj.GetType())
return false; // Different type.
ContentUser userObj = (ContentUser)obj;
return (String.CompareOrdinal(_name.ToUpperInvariant(), userObj._name.ToUpperInvariant()) == 0)
&&
_authenticationType.Equals(userObj._authenticationType);
}
///
/// Returns an instance of the User class that identifyes "Anyone" persona.
/// This user has authentication type "Internal" and Name "Anyone".
/// If this such user was granted rights dutring publishing; server will issue Use License
/// to anyone who requests one, but it will be attached to the requesting user.
///
public static ContentUser AnyoneUser
{
get
{
SecurityHelper.DemandRightsManagementPermission();
if (_anyoneUser == null)
{
_anyoneUser = new ContentUser(AnyoneUserName, AuthenticationType.Internal);
}
return _anyoneUser;
}
}
///
/// Returns an instance of the User class that identifies "Owner" persona.
/// This user has authentication type Internal and Name "Owner".
/// This is mostly used by the server side templates to give special rights to the
/// Publisher/author who would be building a protected document using those templates
///
public static ContentUser OwnerUser
{
get
{
SecurityHelper.DemandRightsManagementPermission();
if (_ownerUser == null)
{
_ownerUser = new ContentUser(OwnerUserName, AuthenticationType.Internal);
}
return _ownerUser;
}
}
///
/// Compute hash code.
///
public override int GetHashCode()
{
SecurityHelper.DemandRightsManagementPermission();
if (!hashCalcIsDone)
{
StringBuilder hashString = new StringBuilder(_name.ToUpperInvariant());
hashString.Append(_authenticationType.ToString());
hashValue = (hashString.ToString()).GetHashCode();
hashCalcIsDone = true;
}
return hashValue;
}
///
/// Converts AuthenticationType to AuthenticationProviderType string require for a client session
///
internal string AuthenticationProviderType
{
get
{
if (_authenticationType == AuthenticationType.Windows)
{
return WindowsAuthProvider;
}
else if (_authenticationType == AuthenticationType.Passport)
{
return PassportAuthProvider;
}
else
{
Invariant.Assert(false, "AuthenticationProviderType can only be queried for Windows or Passport authentication");
return null;
}
}
}
///
/// Generic test for equality. This method allows any types based on ContentUser
/// to be comparable.
///
///
/// TreatAsSafe: This method may be called indirectly from a Partial Trust environment.
/// It only performs a safe string comparison.
///
[SecurityTreatAsSafe]
internal bool GenericEquals(ContentUser userObj)
{
// this checks for null argument
if (userObj == null)
{
return false;
}
else
{
return (String.CompareOrdinal(_name.ToUpperInvariant(), userObj._name.ToUpperInvariant()) == 0)
&&
_authenticationType.Equals(userObj._authenticationType);
}
}
///
/// Implements the IEqualityComparer generic interface to be
/// used in a Dictionary with ContentUser as key type.
/// This interface allows any types based on ContentUser to be
/// comparable.
///
///
/// TreatAsSafe: The methods of this class may be called indirectly from
/// a Partial Trust environment.
/// Both methods only validate their parameters, then call other safe methods.
///
[SecurityTreatAsSafe]
internal sealed class ContentUserComparer : IEqualityComparer
{
bool IEqualityComparer.Equals(ContentUser user1, ContentUser user2)
{
Invariant.Assert(user1 != null, "user1 should not be null");
return user1.GenericEquals(user2);
}
int IEqualityComparer.GetHashCode(ContentUser user)
{
Invariant.Assert(user != null, "user should not be null");
return user.GetHashCode();
}
}
///
/// A comparer that can be passed to a Dictionary to allow
/// generic match for different types based on ContentUser.
///
///
/// TreatAsSafe: This field will be accessed by SecurityTransparent code. It's static, readonly.
/// It's safe to allow access from SecurityTransparent code.
///
[SecurityTreatAsSafe]
internal static readonly ContentUserComparer _contentUserComparer = new ContentUserComparer();
internal static bool CompareToAnyone(string name)
{
return (0 == String.CompareOrdinal(AnyoneUserName.ToUpperInvariant(), name.ToUpperInvariant()));
}
internal static bool CompareToOwner(string name)
{
return (0 == String.CompareOrdinal(OwnerUserName.ToUpperInvariant(), name.ToUpperInvariant()));
}
private const string WindowsAuthProvider = "WindowsAuthProvider";
private const string PassportAuthProvider = "PassportAuthProvider";
private const string OwnerUserName = "Owner";
private static ContentUser _ownerUser;
private const string AnyoneUserName = "Anyone";
private static ContentUser _anyoneUser;
private string _name;
private AuthenticationType _authenticationType;
private int hashValue;
private bool hashCalcIsDone; // flag that indicates the value in hasValue is already calculated and usable
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- WebConfigurationFileMap.cs
- RNGCryptoServiceProvider.cs
- TextBreakpoint.cs
- Reference.cs
- MulticastDelegate.cs
- BatchServiceHost.cs
- HelpKeywordAttribute.cs
- DataGridViewComboBoxEditingControl.cs
- DataObject.cs
- InvokeWebServiceDesigner.cs
- SafeFileMapViewHandle.cs
- SynchronizedKeyedCollection.cs
- SerialPort.cs
- SynchronizationContext.cs
- UnsafeNativeMethods.cs
- DynamicObject.cs
- HtmlTitle.cs
- PrintEvent.cs
- ArithmeticException.cs
- AnonymousIdentificationModule.cs
- CodePageEncoding.cs
- SecurityDescriptor.cs
- X509PeerCertificateElement.cs
- ResourceAttributes.cs
- ToolStripArrowRenderEventArgs.cs
- ImageBrush.cs
- InkCanvas.cs
- ValueType.cs
- UserControlDesigner.cs
- SpAudioStreamWrapper.cs
- DbConnectionPoolCounters.cs
- Error.cs
- ObservableCollectionDefaultValueFactory.cs
- rsa.cs
- MetadataLocation.cs
- SamlSecurityToken.cs
- ProfileBuildProvider.cs
- RemotingConfigParser.cs
- HttpFileCollectionWrapper.cs
- EventDescriptorCollection.cs
- ParentQuery.cs
- GeometryConverter.cs
- FixUpCollection.cs
- SqlProviderServices.cs
- TimeoutException.cs
- PrintPageEvent.cs
- ServiceBehaviorAttribute.cs
- TraceSection.cs
- CmsInterop.cs
- StreamResourceInfo.cs
- CompModSwitches.cs
- RuleSetReference.cs
- SafeHGlobalHandleCritical.cs
- ReachPrintTicketSerializerAsync.cs
- DataFormat.cs
- RowBinding.cs
- UIInitializationException.cs
- HttpResponseWrapper.cs
- Console.cs
- UdpTransportSettings.cs
- ThreadInterruptedException.cs
- ConstraintManager.cs
- MenuAutomationPeer.cs
- Encoder.cs
- DropDownList.cs
- Application.cs
- CommandField.cs
- ModuleConfigurationInfo.cs
- FrameworkElementFactory.cs
- DBPropSet.cs
- ADMembershipUser.cs
- TransformPatternIdentifiers.cs
- ExpressionPrefixAttribute.cs
- InputScopeManager.cs
- TableLayout.cs
- PackWebRequestFactory.cs
- PointHitTestParameters.cs
- RelatedEnd.cs
- PageStatePersister.cs
- BuildManagerHost.cs
- SqlCacheDependencyDatabase.cs
- _ShellExpression.cs
- WebContext.cs
- RuleSetBrowserDialog.cs
- ActivityCodeDomSerializationManager.cs
- RenderContext.cs
- ApplicationGesture.cs
- MeshGeometry3D.cs
- HttpModuleCollection.cs
- SortKey.cs
- IntranetCredentialPolicy.cs
- HttpPostClientProtocol.cs
- Label.cs
- IntranetCredentialPolicy.cs
- SqlRecordBuffer.cs
- InfoCardRSAPKCS1SignatureFormatter.cs
- XhtmlBasicObjectListAdapter.cs
- StackBuilderSink.cs
- GradientBrush.cs
- DriveNotFoundException.cs